[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rpms/audit/devel audit-setroubleshoot.patch, 1.4, 1.5 audit.spec, 1.104, 1.105



Author: dwalsh

Update of /cvs/dist/rpms/audit/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv5076

Modified Files:
	audit-setroubleshoot.patch audit.spec 
Log Message:
* Wed Aug 2 2006 Dan Walsh <dwalsh redhat com> 1.2.5-6
- Change audisp to use a named pipe


audit-setroubleshoot.patch:
 AuditMsg.py |   63 ++++++++++++++++++++++++-------
 audispd     |  121 +++++++++++++++++++++++++-----------------------------------
 2 files changed, 101 insertions(+), 83 deletions(-)

Index: audit-setroubleshoot.patch
===================================================================
RCS file: /cvs/dist/rpms/audit/devel/audit-setroubleshoot.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- audit-setroubleshoot.patch	27 Jul 2006 20:56:59 -0000	1.4
+++ audit-setroubleshoot.patch	6 Aug 2006 00:03:41 -0000	1.5
@@ -1,6 +1,6 @@
 --- audit-1.2.5/audisp/audispd.setroubleshoot	2006-07-13 13:37:04.000000000 -0400
-+++ audit-1.2.5/audisp/audispd	2006-07-27 16:56:12.000000000 -0400
-@@ -1,22 +1,25 @@
++++ audit-1.2.5/audisp/audispd	2006-08-02 17:32:37.000000000 -0400
+@@ -1,76 +1,44 @@
  #! /usr/bin/env python
  import os, string, select, syslog
 -import audit, avc, traceback
@@ -8,85 +8,141 @@
  import AuditMsg
  import subprocess, signal
 -PLUGIN_DIRS = ['/etc/audisp.d', "/usr/lib/audit", "/usr/lib32/audit"]
-+PLUGIN_DIRS = ["/usr/lib/audit", "/usr/lib64/audit"]
  import glob
++from socket import *
  
  HUP=False
  def huphandler(signum, frame):
      global HUP
      HUP=True
-+
-+def childhandler(signum, frame):
-+    syslog.syslog("Child Died %d %d " % os.wait() )
-+    return
-     
- class Plugin:
-     def __init__(self, cmd):
-         self.cmd = cmd
-         self.sub_process = None
+-    
+-class Plugin:
+-    def __init__(self, cmd):
+-        self.cmd = cmd
+-        self.sub_process = None
 -        self.pid = None
 -        
-+
-     def run(self):
-         self.sub_process = subprocess.Popen(self.cmd, \
-             stdin=subprocess.PIPE, stdout=None, stderr=None, \
-@@ -27,6 +30,19 @@
-     def stop(self):
-         self.stdin.close()
- 
-+    def get_pid(self):
-+        if self.subprocess is None:
-+            return None
-+        return self.subprocess.pid
-+        
-+    def get_stdin(self):
-+        if self.subprocess is None:
-+            return None
-+        return self.subprocess.stdin
-+        
-+    pid   = property(get_pid)
-+    stdin = property(get_stdin)
-+        
+-    def run(self):
+-        self.sub_process = subprocess.Popen(self.cmd, \
+-            stdin=subprocess.PIPE, stdout=None, stderr=None, \
+-            close_fds=True, shell=True)
+-        self.stdin = self.sub_process.stdin
+-        self.pid = self.sub_process.pid
+-
+-    def stop(self):
+-        self.stdin.close()
+ 
  class audit_dispatcher:
-     def __init__(self):
+-    def __init__(self):
++    def __init__(self, server_address):
          self.data = []
-@@ -50,6 +66,8 @@
-                     self.plugins.append(p)
-                 except OSError, e:
-                     syslog.syslog("plugin %s failed to start: %s" % (plugin, e))
-+		except IOError,e:
-+                    syslog.syslog("plugin %s failed to start: IOError exception %s" % (plugin, e))
- 
-         for p in self.plugins:
-             if p.cmd not in new_plugins:
-@@ -68,9 +86,14 @@
+-        self.plugins = []
+-        self.load_plugins()
++        self.outList=[]
++        self.auSock=socket(AF_UNIX,SOCK_STREAM)
++        if os.path.exists(server_address):
++            os.remove(server_address)
++        self.auSock.bind(server_address)
++        self.auSock.listen(5)
++        self.inList=[0, self.auSock]
+         
+-    def plugin_exists(self, cmd):
+-        for p in self.plugins:
+-            if p.cmd == cmd:
+-                return True
+-        return False
+-        
+-    def load_plugins(self):
+-        new_plugins = self.get_plugins()
+-        for plugin in self.get_plugins():
+-            if not self.plugin_exists(plugin):
+-                syslog.syslog("Starting %s" %  plugin)
+-                p = Plugin(plugin)
+-                try:
+-                    p.run()
+-                    self.plugins.append(p)
+-                except OSError, e:
+-                    syslog.syslog("plugin %s failed to start: %s" % (plugin, e))
+-
+-        for p in self.plugins:
+-            if p.cmd not in new_plugins:
+-                p.stop()
+-                self.plugins.remove(p)
+-
+-    def get_plugins(self):
+-        plugins = []
+-        for dir in PLUGIN_DIRS:
+-            plugins.extend(glob.glob(os.path.join(dir, '*')))
+-        return plugins
+-
+     def add(self, msg):
+         self.data.append(msg)
+         
      def process(self):
          if len(self.data) > 0:
              msg=self.data.pop(0)
 -            for plugin in self.plugins:
 -#                syslog.syslog("sending plugin %s: '%s'" % (plugin.cmd, msg.get_body()))
 -                plugin.stdin.write(msg.binary())
-+            try:
-+                for plugin in self.plugins:
-+                    #syslog.syslog("sending plugin %s: '%s'" % (plugin.cmd, msg.get_body()))
-+                    plugin.stdin.write(msg.binary())
-+            except IOError,e:
-+                syslog.syslog("plugin %s failed: IOError exception %s" % (plugin.cmd, e))
-+                self.plugins.remove(plugin)
-+
++            for s in self.outList:
++                try:
++                    s.send(msg.binary())
++                except IOError,e:
++                    syslog.syslog("IOError exception %s" % (e))
++                    s.close()
++                    self.outList.remove(s)
++                except error,e:
++                    syslog.syslog("Socket error %s" % (e))
++                    s.close()
++                    self.outList.remove(s)
              return 0
          else:
              return 500
-@@ -86,6 +109,7 @@
-                     if not msg.read_from_fd(0):
-                         syslog.syslog("Connection closing")
-                         return
-+                    #syslog.syslog("Read Input: type=%d body='%s'" % (msg.get_msg_type(), msg.get_body()))
-                     self.add(msg)
-                     sleep=0
-                 else:
-@@ -98,22 +122,24 @@
-                         self.load_plugins()
+@@ -78,42 +46,55 @@
+     def run(self):
+         global HUP
+         sleep=500
+-        while 1:
++        while True:
+             try:
+-                input,output, err = select.select([0],[], [], sleep)
+-                if 0 in input:
+-                    msg = AuditMsg.AuditMsg()                    
+-                    if not msg.read_from_fd(0):
+-                        syslog.syslog("Connection closing")
+-                        return
+-                    self.add(msg)
+-                    sleep=0
+-                else:
+-                    sleep=self.process()
++                input,output, err = select.select(self.inList,[], self.outList, sleep)
++                for s in input:
++                    if s == 0:
++                        syslog.syslog("s == 0")
++                        msg = AuditMsg.AuditMsg()                    
++                        if not msg.read_from_fd(0):
++                            syslog.syslog("Connection closing")
++                            return
++                        self.add(msg)
++                        sleep=0
++
++                    if s == self.auSock:
++                        c,address=self.auSock.accept()
++                        self.outList.append(c)
++
++                for s in err:
++                    syslog.syslog("s in err")
++                    if s in self.outList:
++                        s.close()
++                        self.outList.remove(s)
++
++                sleep=self.process()
+ 
+             except select.error, e:
+                 if e[0] == 4:
+                     if HUP:
+                         syslog.syslog("HUP signal")
+-                        self.load_plugins()
                          HUP=False
                  else:
 -                    syslog.syslog("select exception %s " % e.args)
@@ -97,13 +153,15 @@
 -                syslog.syslog("Type exception %s " % e.args)
 +                syslog.syslog("Type exception %s " % e)
                  syslog.syslog(traceback.format_exc())
- 
+-
++                return
++                
  try:
      syslog.openlog("audispd")
      syslog.syslog("starting audispd")
      signal.signal(signal.SIGHUP, huphandler)
-+    signal.signal(signal.SIGCHLD, childhandler)
-     dispatcher=audit_dispatcher()
+-    dispatcher=audit_dispatcher()
++    dispatcher=audit_dispatcher("/var/run/auditd_sock")
      dispatcher.run()
  
  except IOError,e:
@@ -114,7 +172,7 @@
  except Exception, e:
      syslog.syslog("Unexpected exception %s " % e)
 --- audit-1.2.5/audisp/AuditMsg.py.setroubleshoot	2006-07-13 13:36:08.000000000 -0400
-+++ audit-1.2.5/audisp/AuditMsg.py	2006-07-21 09:08:55.000000000 -0400
++++ audit-1.2.5/audisp/AuditMsg.py	2006-08-02 17:30:27.000000000 -0400
 @@ -1,33 +1,55 @@
  import struct, os
 +


Index: audit.spec
===================================================================
RCS file: /cvs/dist/rpms/audit/devel/audit.spec,v
retrieving revision 1.104
retrieving revision 1.105
diff -u -r1.104 -r1.105
--- audit.spec	27 Jul 2006 21:34:08 -0000	1.104
+++ audit.spec	6 Aug 2006 00:03:41 -0000	1.105
@@ -1,7 +1,7 @@
 Summary: User space tools for 2.6 kernel auditing
 Name: audit
 Version: 1.2.5
-Release: 5
+Release: 6
 License: GPL
 Group: System Environment/Daemons
 URL: http://people.redhat.com/sgrubb/audit/
@@ -168,6 +168,9 @@
 %config(noreplace) %attr(640,root,root) /etc/sysconfig/auditd
 
 %changelog
+* Wed Aug 2 2006 Dan Walsh <dwalsh redhat com> 1.2.5-6
+- Change audisp to use a named pipe
+
 * Fri Jul 21 2006 Dan Walsh <dwalsh redhat com> 1.2.5-5
 - Fix dispatcher to handle sigchld
 - Fix library location for 64 bit


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]